Behold the New Cybersecurity and Infrastructure Security Agency

By Kevin Shaker, Consultant

For a long time now, we have been talking about a change in the mission scope and organizational structure of the National Protection and Programs Directorate, the agency largely responsible for securing federal networks and protecting critical infrastructure. But now, it seems that the 2017 bill to rename, reorganize and solidify its role at the department has finally happened.

The agency has officially been renamed the Cyber and Infrastructure Security Agency or CISA. The president signed into law the CISA Act of 2018 on November 16, 2018. The bill had been looming over Congress for some time.

Here are a few things industry will want to know about the agency’s new facelift:

Read more of this post

National Cyber Strategy – What Does It Mean for Those Selling Security Tools to the Government?

Lloyd McCoy Jr.

By Lloyd McCoy, Market Intelligence Manager

You’ve probably heard of the release last week of both the National Cyber Strategy and the Department of Defense (DOD) Cyber Strategy. Some of the priorities highlighted are robust information sharing, greater resilience, encryption, cyber scalability and hardening of IT systems. In fact, we’ve seen demand for these capabilities reflected in recent cyber budgets which have hovered between $13 and$15 billion over the last couple of years. While the documents bring together much of the cyber policies heard from the administration over the past year, there are some important key takeaways you should be aware of as we head into FY19.

Offensive Cyber
One of the most notable developments is a more overt embrace of offensive cyber operations. The DOD Cyber Strategy especially, hones in on this “defending forward” strategy, where the U.S. will confront threats before they reach U.S. networks.

By giving the government more latitude to conduct proactive and offensive cybersecurity, we could see more funding and resources allocated to these operations as early as next year. Expect more demand for network mapping and reconnaissance, data extraction, firewall tunneling and encryption/decryption tools, just to name a few. I expect most of the funding and demand for offensive cyber tools will be generally confined to U.S. Cyber Command and the intelligence agencies.

Read more of this post

New cyber authorities in new DHS legislation

Tom O'Keefecybersecurity, department of homeland securityBy Tom O’Keefe, consultant

A bill that has just made its way through the House would finally reauthorize the Department of Homeland Security, which has only been authorized once, in 2002.

There are several cyber provisions included in the House bill, which could mean a lot of opportunity for cybersecurity vendors if it ends up passing in the Senate (where it has, unfortunately, stalled before). But there’s a good chance that even if the bill doesn’t pass, we’ll see some of the additional authorities and responsibilities making their way to DHS components anyway.

Most of the specific provisions in the bill of interest here are ones that require certain components to own responsibility for cybersecurity of various locations. For example, the Transportation Security Administration would be responsible for assessing the cybersecurity of aviation systems, including airports and airlines, developing an information sharing project across the airline industry and assessing the vulnerabilities of the systems that house TSA PreCheck.

Read more of this post

What You Need to Know About CDM’s Latest Update

Jenni Taylor_65x85CDM eventBy Jenni Taylor, Contracts Programs Manager

immixGroup’s headquarters was a flurry of activity recently when we brought in tech companies to meet with contractors on the Department of Homeland Security’s Continuous Diagnostic and Mitigation program. It was our 4th CDM Speed Networking event, in support of CDM team leads, prime contractors and CDM providers and customers—something we organize every time the program is about to cross into a new phase.

We’ve had some updates since the event, with the most recent being a Request for Information (RFI) released this month that asks for industry input on Phase III capabilities and technologies. The RFI specifically wants to hear about secure orchestration, emerging data standards, and analytics tools to support timely detection and response to cyber events.

Read more of this post

DHS Wants to Hear from You

Tom O'KeefeDHS and industryBy Tomas O’Keefe, Consultant

Industry engagement seems to be the new focus at the Department of Homeland Security (DHS) as Luke McCormack, the chief information officer, and Soraya Correa, the chief procurement officer, have made it a point to ramp up outreach to the private sector. This summer looks to continue this trend of engagement with several activities and requests for information (RFI) that technology vendors will want to keep their eyes on.

First, the department has reached out to industry to gauge the viability of a DHS-specific contract for agile design and development. The RFI includes a draft scope of the proposed vehicle based on work done by the US Digital Services team in developing the Digital Services Playbook.

Read more of this post

Is the Workforce Ready and Able to Fight Cyber Threats?

Lloyd McCoy Jr.By Lloyd McCoy Jr., DOD Manager

The federal spymuseumevent-0281government’s cyber workforce will be the biggest determining factor in how
well government agencies tackle the rising cyber threat. That was the prevailing theme at the Federal Cybersecurity Update 2016 held at the International Spy Museum earlier this week. The event was organized by immixGroup, FedInsider, and George Washington University Center for Excellence in Public Leadership.

Leading representatives from the federal government and academia emphasized the importance of an effective cyber workforce. They also pointed out that the general workforce should be considered cyber defenders since they have a huge responsibility in mitigating vulnerabilities by using proper cyber hygiene. Many of the panelists admitted they frequently spear phish their employees to boost awareness and enforce commonsense practices.

Read more of this post

DHS’s New Years Resolution: A Budget

Tomas OKeefe_65x85Tomas O’Keefe, Consultant, Market Intelligence

NewYear1When Congress voted last year to give appropriations to federal agencies, there was one glaring omission: the Department of Homeland Security. Due to furor over executive actions on immigration taken by President Obama, Congress passed a Continuing Resolution for DHS until the end of February, so expect conversations on the Hill to be geared toward how to fund the Department while attempting to address the President’s executive action; this could affect two departmental components in particular, Immigration and Customs Enforcement (ICE) and the U.S. Citizenship and Immigration Services (USCIS).
Read more of this post

%d bloggers like this: